|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
IIS ConfigurationHello!
I have an windows 2003 Standart with all updates and this only run IIS. I have many sites in IIS, but in some, I need set IUSR permission as write. This way i was hacked. What i can do different? Thanks 1 way is to configure special anonymous user for that particular web
application, and ensure the account can only write to certain folder with proper NTFS permissions control, with additional - setting now scripts/execute permissions on those folder if it's within the web site structure. -- Show quoteHide quoteRegards, Bernard Cheah http://www.iis.net/ http://www.iis-resources.com/ http://msmvps.com/blogs/bernard/ "Gladyston" <Gladys***@discussions.microsoft.com> wrote in message news:167D5D45-A3E1-4132-9326-9191D0DE854D@microsoft.com... > Hello! > > I have an windows 2003 Standart with all updates and this only run IIS. I > have many sites in IIS, but in some, I need set IUSR permission as write. > This way i was hacked. What i can do different? > > > Thanks 
Other interesting topics
Virtual Directory to a remote UNC not working properly
Force Relogin. IIS6, ASP.NET app, IE6+ browser credentials not going to IIS automatically aspnet_isapi.dll security limit access to all but 1 file inhability to display http://localhost How do I make a local machine client certificate available to all users? Impersonation and Delegation with ASP.NET 2.0 on 2 Servers NTLM Authentication on IIS 6.0 [IIS 5] Homemade cert and SSL Access Denied connecting to remote share through IIS |
|||||||||||||||||||||||
